# Testing Guide - TigerStyle Life9

## 🧪 Testing the Complete Plugin

### Quick Installation Test

1. **Copy plugin to WordPress**:
   ```bash
   # From project directory
   cp -r /home/rpm/wp-robbie/src/tigerstyle-life9 /path/to/wordpress/wp-content/plugins/
   ```

2. **Build frontend assets** (optional - fallbacks work):
   ```bash
   cd /path/to/wordpress/wp-content/plugins/tigerstyle-life9
   npm install
   npm run build
   ```

3. **Activate in WordPress**:
   - Go to WordPress admin → Plugins
   - Find "TigerStyle Life9" 
   - Click "Activate"

4. **Access the interface**:
   - New menu "TigerStyle Life9" appears in WordPress admin
   - Visit submenu items: Dashboard, Create Backup, Restore, Settings

### 🎯 Manual Testing Checklist

#### Installation & Activation
- [ ] Plugin activates without errors
- [ ] Database tables created successfully
- [ ] Backup directory created with proper permissions
- [ ] Admin menu appears correctly
- [ ] No PHP errors in debug log

#### Security Features
- [ ] Non-admin users cannot access backup functions
- [ ] Nonce verification works on all AJAX requests
- [ ] Path validation prevents directory traversal
- [ ] File uploads are properly sanitized
- [ ] Rate limiting prevents abuse

#### Backup Creation Interface
- [ ] Backup page loads with all components
- [ ] Alpine.js reactivity works (checkboxes, progress bars)
- [ ] Form validation prevents invalid submissions
- [ ] Encryption password strength meter functions
- [ ] File browser component works (if applicable)
- [ ] Progress tracking displays correctly

#### Settings Interface
- [ ] All settings sections load
- [ ] Form validation works for each setting
- [ ] Settings save successfully
- [ ] Storage backend configurations work
- [ ] System information displays correctly

#### Restore Interface
- [ ] Multi-step wizard navigation works
- [ ] File upload handling functions
- [ ] Backup validation works
- [ ] Restore options display correctly
- [ ] Warning messages appear appropriately

### 🔧 Functional Testing

#### Test Backup Creation
```bash
# Test basic backup (if WordPress is accessible)
curl -X POST "http://your-site.local/wp-json/tigerstyle-life9/v1/backup" \
  -H "Content-Type: application/json" \
  -H "X-WP-Nonce: YOUR_NONCE" \
  -d '{
    "include_files": true,
    "include_database": true,
    "encryption": {
      "enabled": true,
      "password": "test123"
    }
  }'
```

#### Test File Scanner
```php
// In WordPress admin or via WP-CLI
$scanner = new TigerStyle_Life9_File_Scanner();
$files = $scanner->scan_directory(ABSPATH, [
    'exclude_patterns' => ['*.log', 'cache/*']
]);
var_dump(count($files)); // Should return file count
```

#### Test Encryption
```php
// Test encryption functionality
$encryption = new TigerStyle_Life9_Encryption();
$test_data = "Hello, secure world!";
$encrypted = $encryption->encrypt($test_data, "password123");
$decrypted = $encryption->decrypt($encrypted, "password123");
echo ($test_data === $decrypted) ? "✅ Encryption works" : "❌ Encryption failed";
```

### 🛡️ Security Testing

#### Path Traversal Test
```php
// Should return false
$security = new TigerStyle_Life9_Security();
$result = $security->validate_path("../../wp-config.php", ABSPATH);
var_dump($result); // Should be false
```

#### SQL Injection Prevention
```php
// All database queries should use prepared statements
// Check that no direct SQL concatenation exists
grep -r "SELECT.*\$" includes/ # Should return no results
grep -r "\$wpdb->query.*\$" includes/ # Should return no results
```

#### XSS Prevention Test
- Check that all output uses `esc_html()`, `esc_attr()`, `esc_url()`
- Verify Alpine.js uses `x-text` instead of `x-html` for user data
- Test form inputs with malicious scripts

### 🚀 Performance Testing

#### Memory Usage
```php
// Test backup memory consumption
$initial_memory = memory_get_usage();
$backup_engine = new TigerStyle_Life9_Backup_Engine(tigerstyle_life9());
// ... perform backup operations
$peak_memory = memory_get_peak_usage();
echo "Memory used: " . ($peak_memory - $initial_memory) . " bytes";
```

#### Large File Handling
- Test with files > 100MB
- Test with directories containing 10,000+ files
- Verify progress tracking accuracy
- Check timeout handling

### 🌐 Browser Testing

#### Supported Browsers
- [ ] Chrome 90+
- [ ] Firefox 88+
- [ ] Safari 14+
- [ ] Edge 90+

#### Mobile Responsiveness
- [ ] Interface works on mobile devices
- [ ] Touch interactions function properly
- [ ] Progress bars scale correctly
- [ ] Forms are mobile-friendly

### 🔍 Error Scenarios

#### Test Error Handling
1. **Insufficient disk space**:
   ```bash
   # Fill up disk space and test backup creation
   dd if=/dev/zero of=/tmp/fillup bs=1M count=1000
   ```

2. **Permission errors**:
   ```bash
   # Remove write permissions and test
   chmod 444 /path/to/backup/directory
   ```

3. **Database connection failure**:
   ```php
   // Temporarily break DB connection and test
   ```

4. **Network interruption**:
   ```bash
   # Test with network disabled for cloud storage
   ```

### 📊 Testing Results Template

```markdown
## Test Results - [Date]

### Environment
- **WordPress Version**: 6.3.0
- **PHP Version**: 8.1.0
- **Server**: Apache/Nginx
- **Database**: MySQL 8.0

### Test Summary
- **Total Tests**: 50
- **Passed**: 48
- **Failed**: 2
- **Skipped**: 0

### Failed Tests
1. **Backup Progress Tracking**: Progress bar stutters on large files
2. **Mobile Interface**: Settings page scrolling issue on iOS Safari

### Performance Metrics
- **Backup Creation**: 2.3 seconds (500MB site)
- **Database Export**: 0.8 seconds (100 tables)
- **File Scanning**: 1.1 seconds (5000 files)
- **Memory Usage**: Peak 128MB during backup

### Security Verification
- ✅ All XCloner vulnerabilities addressed
- ✅ No path traversal possible
- ✅ All SQL queries use prepared statements
- ✅ Proper nonce verification
- ✅ Rate limiting functional
```

### 🏭 Production Testing

#### Staging Environment
1. **Deploy to staging** WordPress site
2. **Test with real data** (full site backup/restore)
3. **Verify cloud storage** integration works
4. **Test scheduled backups** run correctly
5. **Validate email notifications** are sent

#### Load Testing
```bash
# Test concurrent backup requests
for i in {1..5}; do
  curl -X POST "http://your-site.local/wp-json/tigerstyle-life9/v1/backup" &
done
```

### 🚨 Emergency Testing

#### Disaster Recovery
1. **Create backup** of production site
2. **Simulate site corruption** (rename wp-config.php)
3. **Restore from backup** using plugin
4. **Verify site functionality** post-restore
5. **Document recovery time**

---

**Testing is critical for security and reliability!** 🧪✅